This action makes it easy to use different secrets for different branches.
It relies on the following naming scheme for secrets: <name>_<branch>.
In a project with 2 branches, prod and dev, define the following secrets:
SECRET_TOKEN_DEVSECRET_TOKEN_PROD
Step configuration:
- uses: noliran/branch-based-secrets@v1
with:
secrets: SECRET_TOKENIn turn, when running an action on a push to dev or a pull_request targeted at branch dev, this will define the following environment variables:
SECRET_TOKEN_NAME=SECRET_TOKEN_DEVTARGET_BRANCH=devTARGET_BRANCH_U=DEV
After the action runs, you can pass the correct secret to other steps:
env:
SECRET_TOKEN: ${{ secrets[env.SECRET_TOKEN_NAME] }}